|
Since both the password-hash and password-crypt-salt-format are Global options, is it possible to specify the password-hash on a per BDB backend basis?
For example, I have 4 BDB backends and I'd like them all to have the CRYPT and salt listed below sans one BDB backend where it needs to be CLEARTEXT. However, when I specify this configuration in sladp.conf and bounce slapd I get the following error when trying to change a users password with the ldappasswd command. It's worth nothing that an ldapmodify to the userPassword attribute works just fine. I use security ssf=256, which is a Global option as well on a per BDB backend basis and this works just fine so I assumed this config for hashes would work as well. Error message: "Result: Constraint violation (19) Additional info: Password policy only allows one password value" Relevant config below: ## GLOBAL SETTING password-hash {CRYPT} password-crypt-salt-format $6$%.12s ### BDB DATABASE SETTING database bdb suffix "dc=testldap,dc=com" rootdn "cn=LDAPAdmin,dc=testldap,dc=com" directory /var/lib/ldap/testldap password-hash {CLEARTEXT} |